package team.kirohuji.shiro.filter;

import java.io.IOException;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

import org.apache.shiro.web.filter.authz.AuthorizationFilter;


/**
 * 这个类主要是认证的过滤
 * @author kirohuji
 *
 */
public class IpIntAuthorizationFilter extends AuthorizationFilter{

	/* 
	 * 这个方法是对每个会话判断是否允许通过
	 * (non-Javadoc)
	 * @see org.apache.shiro.web.filter.AccessControlFilter#isAccessAllowed(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Object)
	 * @param request Servlet请求
	 * @param response  Servlet响应
	 * @param mappedValue map值
	 * @return boolean 是否成功
	 * @throws Exception
	 */
	@Override
	protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
/*		System.out.println("来访者的IP是："+request.getRemoteAddr());//限制只有内网能访问
		logger.info("来访者的IP是："+request.getRemoteAddr()); 
		if(!request.getRemoteAddr().startsWith("192.168.1")){ 
			throw new IOException("No permission"); } */
		HttpServletRequest req=(HttpServletRequest)request;
		System.out.println("--------------------------------------");
		if (req.getHeader("x-forwarded-for") == null) {  
	        System.out.println("真实的地址"+req.getRemoteAddr());  
	    }  
	    System.out.println("真实的地址"+req.getHeader("x-forwarded-for"));  
		return true;
	}
}
